I have a custom developed plugin for a wordpress website that is an online car community on php5.6. I didn’t develop the site originally but am now the custodian. I have limited programming knowledge. My plugin has about 6 lines in various places like these:

$title = mysql_escape_string(stripslashes($_POST['title']));

$content = mysql_escape_string(stripslashes($_POST['article']));

return mysql_escape_string(stripslashes($_POST[$value]));

I need to move to PHP7 but of course this is a deprecated and obsolete method of interacting with the database.

I’d love someone’s help to propose the cleanest most reliable way of replacing this exact line with either a wpdb query or a esq_sql method. I’ve seen this referenced in many articles but I do not know the correct syntax or security implications given that my lines also have ‘stripslashes’ in there.

Thanks in advance.

Read more here: Replacing mysql_escape_string in a custom plugin when moving to PHP7


If you know the solution of this issue, please leave us a reply in Comment section, to update the question.

Wordpress related questions and answers: